<?php

require_once "include.php";

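// Dish endpoint: dispatches on $method, which is not assigned in this file
// (presumably include.php derives it from the HTTP verb and opens the MySQL
// connection that mysql_query() uses -- confirm there).
//
// Hardening applied in this block:
//  - Every request value that reaches SQL sits in an unquoted numeric position.
//    mysql_real_escape_string() only escapes string-literal metacharacters, so
//    it does not stop injection there; values are validated as int/float with
//    filter_var() before being interpolated.
//  - The JSONP callback is echoed into the response, so it must be a dotted
//    JavaScript identifier.
//  - JSON is emitted with JSON_HEX_* so that database text containing < > & ' "
//    cannot be interpreted as markup if the response is served as text/html
//    (PHP's default Content-Type unless it is set elsewhere).
//
// NOTE(review): no authentication, authorization or CSRF check is visible in
// this file, and user_id is taken from the request; confirm include.php
// enforces them, otherwise any caller can update dishes or rate as any user.
// NOTE(review): mysql_error() text is still returned to the client; consider
// logging it server-side and returning a generic message.
// NOTE(review): the mysql_* extension was removed in PHP 7; move to mysqli or
// PDO prepared statements together with include.php.

// Request values with explicit defaults, so absent keys raise no notices.
$in = $_REQUEST + array(
	"id" => null,
	"ajax" => null,
	"callback" => null,
	"on_promotion" => null,
	"stall_id" => null,
	"type" => null,
	"user_id" => null,
	"rating" => null
);

$json_flags = JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT;

if($method == "GET"){
	// Validate the JSONP callback once for both GET paths. A falsy value
	// ("" or "0") is treated as "no callback", as the original truthiness test did.
	$callback = is_string($in['callback']) ? $in['callback'] : "";
	if($callback && !preg_match('/^[A-Za-z_$][A-Za-z0-9_$]*(\.[A-Za-z_$][A-Za-z0-9_$]*)*$/', $callback)){
		if(!headers_sent()){
			header("HTTP/1.1 400 Bad Request");
		}
		die(json_encode(array("error" => "invalid callback"), $json_flags));
	}

	if(!empty($in['id']) && !empty($in['ajax']) && $callback){
		// NOTE(review): this path changes data on a GET request and answers via
		// JSONP, so any page the user visits can trigger it cross-site; it
		// should move to POST behind a CSRF check.
		$id = filter_var($in['id'], FILTER_VALIDATE_INT);
		$on_promotion = filter_var($in['on_promotion'], FILTER_VALIDATE_INT);

		if($id === false || $on_promotion === false){
			$error = array("error" => "invalid id or on_promotion");
			echo "$callback(" . json_encode($error, $json_flags) . ")";
		}else{
			$query = "UPDATE dish SET on_promotion=$on_promotion WHERE id=$id";

			$result = mysql_query($query);
			if($result){
				echo "$callback(" . json_encode("true", $json_flags) . ")";
			}else{
				$error = array("error" => mysql_error());
				echo "$callback(" . json_encode($error, $json_flags) . ")";
			}
		}

	} else{
		// Listing: all dishes, one stall's dishes, or a comma-separated id list.
		$query = "SELECT * FROM dish";
		$bad_input = false;

		if(!empty($in["stall_id"])){
			$id = filter_var($in['stall_id'], FILTER_VALIDATE_INT);

			if($id === false){
				$bad_input = true;
			} else if(!empty($in["on_promotion"])){
				$query .= " WHERE stall_id=$id AND on_promotion=1";
			} else{
				$query .= " WHERE stall_id=$id";
			}
		}
		else if(!empty($in["id"])){
			$ids = array();
			$raw_ids = is_string($in['id']) ? explode(",", $in['id']) : array();

			foreach($raw_ids as $raw_id){
				$one_id = filter_var($raw_id, FILTER_VALIDATE_INT);
				if($one_id === false){
					$bad_input = true;
					break;
				}
				$ids[] = $one_id;
			}

			if(!$ids){
				$bad_input = true;
			}

			if(!$bad_input){
				// Same rows as the former "id=a OR id=b ..." chain.
				$query .= " WHERE id IN (" . implode(",", $ids) . ")";
			}
		}

		if($bad_input){
			$payload = array("error" => "invalid id");
		} else{
			$result = mysql_query($query) or die(mysql_error());

			$payload = array();

			while($row = mysql_fetch_array( $result )){
				$payload[] = array(
					"id" => $row["id"],
					"name" => $row["name"],
					"image" => $row["image"],
					"description" => $row["description"],
					"price" => $row["price"],
					"on_promotion" => $row["on_promotion"],
					"rating" => $row["rating"],
					"stall_id" => $row["stall_id"]
				);
			}
		}

		if($callback){
			echo "$callback(" . json_encode($payload, $json_flags) . ")";
		} else{
			echo json_encode($payload, $json_flags);
		}

	}
}
else if($method == "POST"){
	if($in['type'] === "rate"){
		$id = filter_var($in['id'], FILTER_VALIDATE_INT);
		$user_id = filter_var($in['user_id'], FILTER_VALIDATE_INT);
		$rating = filter_var($in['rating'], FILTER_VALIDATE_FLOAT);

		if($id === false || $user_id === false || $rating === false){
			echo json_encode(array("error" => "invalid id, user_id or rating"), $json_flags);
		} else{
			// check if user has already rated the dish
			$query = "SELECT * FROM comment WHERE user_id=$user_id AND type=2 AND to_id=$id";
			$result = mysql_query($query) or die(mysql_error());

			$no_of_rating = mysql_num_rows($result);

			if($no_of_rating){
				$query = "UPDATE comment SET rating=$rating WHERE user_id=$user_id AND type=2 AND to_id=$id";
			}else{
				$query = "INSERT INTO comment(type, rating, user_id, to_id) VALUES(2, $rating, $user_id, $id)";
			}

			$result = mysql_query($query) or die(mysql_error());

			$query = "SELECT * FROM dish WHERE id=$id";
			$result = mysql_query($query) or die(mysql_error());

			$old_rating = 0;
			while($row = mysql_fetch_array( $result )){
				$old_rating = $row["rating"];
			}

			// NOTE(review): $no_of_rating counts only this user's earlier ratings
			// of the dish, not all ratings, so this is not a true running
			// average. Formula kept as-is; confirm the intended calculation.
			$new_rating = ($rating + $old_rating*$no_of_rating)/($no_of_rating + 1);

			$query = "UPDATE dish SET rating=$new_rating WHERE id=$id";

			$result = mysql_query($query);
			if($result){
				echo json_encode("true", $json_flags);
			}else {
				$error = array("error" => mysql_error());
				echo json_encode($error, $json_flags);
			}
		}
	} else{
		// Promotion toggle. Nothing is written (or printed) unless both values
		// are present and truthy, as before.
		// NOTE(review): "0" is falsy, so on_promotion cannot be cleared through
		// this path -- confirm whether that is intended.
		if(!empty($in['id']) && !empty($in['on_promotion'])){
			$id = filter_var($in['id'], FILTER_VALIDATE_INT);
			$on_promotion = filter_var($in['on_promotion'], FILTER_VALIDATE_INT);

			if($id === false || $on_promotion === false){
				echo json_encode(array("error" => "invalid id or on_promotion"), $json_flags);
			} else{
				$query = "UPDATE dish SET on_promotion=$on_promotion WHERE id=$id";

				$result = mysql_query($query);
				if($result){
					echo json_encode("true", $json_flags);
				}else{
					$error = array("error" => mysql_error());
					echo json_encode($error, $json_flags);
				}
			}
		}
	}
}
else if($method == "DELETE"){
	// Not implemented: DELETE requests produce no output.
}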


?>